Intel CPU Vulnerability Can Expose Cryptographic Keys

One of the vulnerabilities patched recently by Intel in its processors could allow an attacker with physical access to the targeted system to obtain cryptographic keys, according to the cybersecurity firm whose researchers discovered the flaw.

The security hole, tracked as CVE-2021-0146 and rated high severity, impacts Pentium, Celeron and Atom CPUs on mobile, desktop and embedded devices. Affected Atom IoT processors are present in many cars, apparently including ones made by Tesla.

Intel announced the availability of fixes when it released its November 2021 Patch Tuesday updates.

“Hardware allows activation of test or debug logic at runtime for some Intel processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access,” Intel said in its advisory.

The issue was identified by researchers at Russian cybersecurity firm Positive Technologies, which was sanctioned by the United States earlier this year due to its alleged ties to Russian intelligence.

Positive Technologies revealed on Monday that the vulnerability found by its researchers in Intel processors is related to “debugging functionality with excessive privileges, which is not protected as it should be.”

One theoretical attack scenario described by the company involves a lost or stolen laptop storing confidential information that is encrypted. An attacker could exploit CVE-2021-0146 to extract the encryption key needed to access the confidential information.

“The bug can also be exploited in targeted attacks across the supply chain. For example, an employee of an Intel processor-based device supplier could, in theory, extract the Intel CSME firmware key and deploy spyware that security software would not detect,” explained Mark Ermolov, one of the researchers who discovered the flaw.

“This vulnerability is also dangerous because it facilitates the extraction of the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies in systems for protecting digital content from illegal copying,” Ermolov added. “For example, a number of Amazon e-book models use Intel EPID-based protection for digital rights management. Using this vulnerability, an intruder might extract the root EPID key from a device (e-book), and then, having compromised Intel EPID technology, download electronic materials from providers in file form, copy and distribute them.”

This is not the only CPU vulnerability for which Intel has announced patches this month. The chipmaker also informed users about two high-severity issues in the BIOS reference code of some processors, which can allow a privileged attacker to escalate privileges via local access.

These flaws are tracked as CVE-2021-0157 and CVE-2021-0158, and they impact Xeon, Core, Celeron and Pentium processors.

Major computer vendors such as Dell, Lenovo and HP have informed their customers about the availability of patches for these vulnerabilities.

Related: Intel, VMware Join Patch Tuesday Parade

Related: Intel Patches High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
